Old McDonald Had a Pharm?!

There have been a couple recent articles about a phenomenon allegedly known
as "pharming", which people are supposedly worried about. This includes some
combination of DNS cache poisoning and/or worm-powered URL rewriting.

This may also be a form of "fear-driven marketing" by companies inventing
solutions to "fix" the problem which may not exist. (Mac Anti-virus
software, anyone? :wink:

Is anyone aware of actual "pharming" in the wild? Please reply off-list and
I will summarize answers to the list.


Hmm, at the point where malicious software is modifying the behaviour of
applications you may as well compare it to a keylogger. If the miscreant has
control of the machine anything is possible, so sure I can see how it could be a
real threat but it might not perhaps deserve its own silly name.

I think better deployment of certificates and 2 stage token/passwords is the way
forwards for both phishing and pharming (if pharming exists) from the server
perspective. For the clients, continued education and improvement to default
security. There seems to be movement with the latter, for the former tho the
institutions still seem to insist that we the ISPs should be paying to fix their
poor security.